Sign In

Communications of the ACM

ACM TechNews

The Latest Cybersecurity Threat: Pay Us or We Release the Data


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A Water Quality Monitoring Station of the Scottish Environmental Protection Agency.

The Scottish Environmental Protection Agency was the victim of a ransomware attack last December and had stolen data published.

Credit: Alamy

A new type of ransomware attack involves cybercriminals stealing sensitive data and threatening to publish it online if the victim does not pay a hefty ransom.

With the new attacks, victims not only have to contend with the initial ransom payment, but also legal and reputational risks depending on the information that could be leaked.

Coveware reports that 81% of ransomware attacks in the second quarter involved such threats.

Security experts are paying close attention to these new attacks because they could harm a company's customers, partners, and employees whose data was stolen.

Emsisoft's Brett Callow said attackers sometimes inform customers that their sensitive data has been stolen to increase pressure on the company to pay the ransom.

In cautioning against ransom payments, Callow said, "You are simply paying for a promise from an untrustworthy bad-faith actor that they won't further misuse the data they stole."

From The Wall Street Journal
View Full Article - May Require Paid Subscription

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found